mirror of
https://github.com/fosrl/pangolin.git
synced 2025-09-01 15:25:17 +02:00
Merge branch 'main' of https://github.com/fosrl/pangolin
This commit is contained in:
Owen Schwartz
commit
26f4a10f30
15 changed files with 556 additions and 166 deletions
83
server/emails/templates/TwoFactorAuthNotification.tsx
Normal file
83
server/emails/templates/TwoFactorAuthNotification.tsx
Normal file
|
|
@ -0,0 +1,83 @@
|
|||
import {
|
||||
Body,
|
||||
Container,
|
||||
Head,
|
||||
Heading,
|
||||
Html,
|
||||
Preview,
|
||||
Section,
|
||||
Text,
|
||||
Tailwind
|
||||
} from "@react-email/components";
|
||||
import * as React from "react";
|
||||
|
||||
interface Props {
|
||||
email: string;
|
||||
enabled: boolean;
|
||||
}
|
||||
|
||||
export const TwoFactorAuthNotification = ({ email, enabled }: Props) => {
|
||||
const previewText = `Two-Factor Authentication has been ${enabled ? "enabled" : "disabled"}`;
|
||||
|
||||
return (
|
||||
<Html>
|
||||
<Head />
|
||||
<Preview>{previewText}</Preview>
|
||||
<Tailwind
|
||||
config={{
|
||||
theme: {
|
||||
extend: {
|
||||
colors: {
|
||||
primary: "#16A34A"
|
||||
}
|
||||
}
|
||||
}
|
||||
}}
|
||||
>
|
||||
<Body className="font-sans">
|
||||
<Container className="bg-white border border-solid border-gray-200 p-6 max-w-lg mx-auto my-8 rounded-lg">
|
||||
<Heading className="text-2xl font-semibold text-gray-800 text-center">
|
||||
Two-Factor Authentication{" "}
|
||||
{enabled ? "Enabled" : "Disabled"}
|
||||
</Heading>
|
||||
<Text className="text-base text-gray-700 mt-4">
|
||||
Hi {email || "there"},
|
||||
</Text>
|
||||
<Text className="text-base text-gray-700 mt-2">
|
||||
This email confirms that Two-Factor Authentication
|
||||
has been successfully{" "}
|
||||
{enabled ? "enabled" : "disabled"} on your account.
|
||||
</Text>
|
||||
<Section className="text-center my-6">
|
||||
{enabled ? (
|
||||
<Text className="text-base text-gray-700">
|
||||
With Two-Factor Authentication enabled, your
|
||||
account is now more secure. Please ensure
|
||||
you keep your authentication method safe.
|
||||
</Text>
|
||||
) : (
|
||||
<Text className="text-base text-gray-700">
|
||||
With Two-Factor Authentication disabled,
|
||||
your account may be less secure. We
|
||||
recommend enabling it to protect your
|
||||
account.
|
||||
</Text>
|
||||
)}
|
||||
</Section>
|
||||
<Text className="text-base text-gray-700 mt-2">
|
||||
If you did not make this change, please contact our
|
||||
support team immediately.
|
||||
</Text>
|
||||
<Text className="text-sm text-gray-500 mt-6">
|
||||
Best regards,
|
||||
<br />
|
||||
Fossorial
|
||||
</Text>
|
||||
</Container>
|
||||
</Body>
|
||||
</Tailwind>
|
||||
</Html>
|
||||
);
|
||||
};
|
||||
|
||||
export default TwoFactorAuthNotification;
|
||||
|
|
@ -11,6 +11,9 @@ import { response } from "@server/utils";
|
|||
import { verifyPassword } from "@server/auth/password";
|
||||
import { verifyTotpCode } from "@server/auth/2fa";
|
||||
import logger from "@server/logger";
|
||||
import { sendEmail } from "@server/emails";
|
||||
import TwoFactorAuthNotification from "@server/emails/templates/TwoFactorAuthNotification";
|
||||
import config from "@server/config";
|
||||
|
||||
export const disable2faBody = z
|
||||
.object({
|
||||
|
|
@ -84,17 +87,22 @@ export async function disable2fa(
|
|||
);
|
||||
}
|
||||
|
||||
await db.transaction(async (trx) => {
|
||||
await trx
|
||||
.update(users)
|
||||
.set({ twoFactorEnabled: false })
|
||||
.where(eq(users.userId, user.userId));
|
||||
await db
|
||||
.update(users)
|
||||
.set({ twoFactorEnabled: false })
|
||||
.where(eq(users.userId, user.userId));
|
||||
|
||||
await trx
|
||||
.delete(twoFactorBackupCodes)
|
||||
.where(eq(twoFactorBackupCodes.userId, user.userId));
|
||||
});
|
||||
// TODO: send email to user confirming two-factor authentication is disabled
|
||||
sendEmail(
|
||||
TwoFactorAuthNotification({
|
||||
email: user.email,
|
||||
enabled: false
|
||||
}),
|
||||
{
|
||||
to: user.email,
|
||||
from: config.email?.no_reply,
|
||||
subject: "Two-factor authentication disabled"
|
||||
}
|
||||
);
|
||||
|
||||
return response<null>(res, {
|
||||
data: null,
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ export type RequestTotpSecretBody = z.infer<typeof requestTotpSecretBody>;
|
|||
|
||||
export type RequestTotpSecretResponse = {
|
||||
secret: string;
|
||||
uri: string;
|
||||
};
|
||||
|
||||
export async function requestTotpSecret(
|
||||
|
|
@ -75,7 +76,8 @@ export async function requestTotpSecret(
|
|||
|
||||
return response<RequestTotpSecretResponse>(res, {
|
||||
data: {
|
||||
secret: uri
|
||||
secret,
|
||||
uri
|
||||
},
|
||||
success: true,
|
||||
error: false,
|
||||
|
|
|
|||
|
|
@ -11,6 +11,9 @@ import { alphabet, generateRandomString } from "oslo/crypto";
|
|||
import { hashPassword } from "@server/auth/password";
|
||||
import { verifyTotpCode } from "@server/auth/2fa";
|
||||
import logger from "@server/logger";
|
||||
import { sendEmail } from "@server/emails";
|
||||
import TwoFactorAuthNotification from "@server/emails/templates/TwoFactorAuthNotification";
|
||||
import config from "@server/config";
|
||||
|
||||
export const verifyTotpBody = z
|
||||
.object({
|
||||
|
|
@ -92,8 +95,6 @@ export async function verifyTotp(
|
|||
});
|
||||
}
|
||||
|
||||
// TODO: send email to user confirming two-factor authentication is enabled
|
||||
|
||||
if (!valid) {
|
||||
return next(
|
||||
createHttpError(
|
||||
|
|
@ -103,6 +104,18 @@ export async function verifyTotp(
|
|||
);
|
||||
}
|
||||
|
||||
sendEmail(
|
||||
TwoFactorAuthNotification({
|
||||
email: user.email,
|
||||
enabled: true
|
||||
}),
|
||||
{
|
||||
to: user.email,
|
||||
from: config.email?.no_reply,
|
||||
subject: "Two-factor authentication enabled"
|
||||
}
|
||||
);
|
||||
|
||||
return response<VerifyTotpResponse>(res, {
|
||||
data: {
|
||||
valid,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue